[99s-extend] ssl_hello_world
Loïc Hoguin
essen at ninenines.eu
Fri Apr 11 13:41:29 CEST 2014
This is the successful output I get. You should try to see why yours is
different, perhaps someone somewhere ran into the same issue at some
point. Note that the --cacert option isn't needed and basically makes no
difference.
% curl -ikvv https://localhost:8443
* Rebuilt URL to: https://localhost:8443/
* Hostname was NOT found in DNS cache
* Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 8443 (#0)
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using ECDHE-RSA-AES256-SHA384
* Server certificate:
* subject: C=US; ST=Texas; O=Nine Nines; OU=Cowboy; CN=localhost
* start date: 2013-02-28 05:23:34 GMT
* expire date: 2033-02-23 05:23:34 GMT
* issuer: C=US; ST=Texas; O=Nine Nines; OU=Cowboy; CN=ROOT CA
* SSL certificate verify result: self signed certificate in
certificate chain (19), continuing anyway.
> GET / HTTP/1.1
> User-Agent: curl/7.35.0
> Host: localhost:8443
> Accept: */*
>
< HTTP/1.1 200 OK
HTTP/1.1 200 OK
< connection: keep-alive
connection: keep-alive
* Server Cowboy is not blacklisted
< server: Cowboy
server: Cowboy
< date: Fri, 11 Apr 2014 11:30:03 GMT
date: Fri, 11 Apr 2014 11:30:03 GMT
< content-length: 12
content-length: 12
< content-type: text/plain
content-type: text/plain
<
On 04/11/2014 01:25 PM, Samir Sow wrote:
> Thx.
>
> Same error …
> Openssl s_client does not work either.
> the server does not answer to ClientHello …
>
> Samir
>
> On 11 avr. 2014, at 13:18, Loïc Hoguin <essen at ninenines.eu> wrote:
>
>> The certificate in the SSL example is self-generated, try curl with the --insecure option.
>>
>> On 04/11/2014 12:39 PM, Samir Sow wrote:
>>> Hi,
>>>
>>> Still struggling to make ssl work.
>>>
>>> I downloaded the example ssl_hello_world.
>>> Upon execution : i get the following error with curl
>>>
>>> About to connect() to localhost port 8443 (#0)
>>> * Trying ::1... Connexion refusée
>>> * Trying 127.0.0.1... connected
>>> * Connected to localhost (127.0.0.1) port 8443 (#0)
>>> * Initializing NSS with certpath: sql:/etc/pki/nssdb
>>> * NSS error -8018
>>> * Closing connection #0
>>> * Problem with the SSL CA cert (path? access rights?)
>>> curl: (77) Problem with the SSL CA cert (path? access rights?)
>>>
>>>
>>> cmd = curl -vv --cacert priv/cert/cowboy-ca.crt -i https://localhost:8443/
>>>
>>> cacert path checked.
>>> read permission checked
>>>
>>> I’ve tested with a browser and get a connection error.
>>>
>>> Any clue ?
>>>
>>> Samir
>>>
>>>
>>> _______________________________________________
>>> Extend mailing list
>>> Extend at lists.ninenines.eu
>>> https://lists.ninenines.eu/listinfo/extend
>>>
>>
>> --
>> Loïc Hoguin
>> http://ninenines.eu
>
--
Loïc Hoguin
http://ninenines.eu
More information about the Extend
mailing list